Thousands of GitHub, AWS, Docker tokens exposed in Travis CI logs

By Ionut Ilascu, Bleeping Computer

For a second time in less than a year, the Travis CI platform for software development and testing has exposed user data containing authentication tokens that could give access to developers’ accounts on GitHub, Amazon Web Services, and Docker Hub.

Researchers at Aqua Security discovered that “tens of thousands of user tokens” are exposed through the Travis CI API that offer access to more than 770 million logs with various types of credentials belonging to free tier users.


Comments

Popular posts from this blog

Ukraine targeted by DDoS attacks from compromised WordPress sites

Microsoft fixes new PetitPotam Windows NTLM Relay attack vector

Microsoft Azure outage takes down services across North America